How can I define different policies for groups?

MetaAccess allows IT/Security administrators to define different security level for different groups. Administrators have flexibility in terms of customizing security policies for different audiences to ensure that groups with different needs or risk scores have different levels of access rights

How do I create a new policy?

1. Log into the MetaAccess console

2. Navigate to the Policies in the left navigation

3. Click on the CREATE NEW POLICY button
images/download/attachments/336325/image2019-5-15_8-58-26.png

4. Fill in the Policy Name and Description (optional) in Step 1

5. Click on the DEFINE DEVICE ACTIONS button to define actions you would like the agent perform on a device

  • Threat Detection actions: protect your devices from risky portable media drives and schedule a threat scan on devices. Learn more

images/download/attachments/336325/image2019-5-15_9-11-7.png

6. Click on the DEFINE DEVICE ISSUES button to define how to consider an issue and severity of each issue on devices for vulnerabilities, device compliance check (installed anti-malware, antiphishing, disk backup, operating system, encryption applications and firewall), Infections, unwanted applications, custom. You can select the device types (Desktops, laptops, Virtual Machines and Servers) these rules are applied to as well as by Operating System type (Windows, macOS, Linux, Android, and iOS)
images/download/attachments/336325/image2019-5-15_10-4-53.png

7. Click on the DEFINE DEVICE STATUS button to define a device status (compliant or non compliant) based on compliance security issues and other conditions.

  • You can edit existing device status rules

  • OR Add/Remove device status rules. Note that you cannot delete the default rule. It's a fallback rule in case a device doesn't meet any rules you define.

    images/download/attachments/336325/status.PNG

8. Hit CREATE button to create the policy.

Notes:

  • MetaAccess processes rules by ordered. If a device meets a rule (must to meet all conditions defined in that rule), it will get device status in that rule.

For example: a policy has 3 rules below:

images/download/attachments/336325/threerules.PNG

Case 1: my device reported with no issues and has not checked in 3 hours.

Device status: the device is considered as non-compliant with Rule #1

Case 2: my device reported with no issue 5 minutes ago

Device status: the device is considered as non-compliant with Rule #2

How do I update a policy?

  1. Log into MetaAccess console

  2. Navigate to Policies

  3. Go to policy details of a policy you want to update

  4. Click on a step on the right-top corner to go to a step you want to update.

  5. Click on SAVE button at the button and confirm your PIN to save changes

How do I apply a policy to a group?

  1. Log into the MetaAccess console

  2. Navigate to Groups

  3. Go to the group that you want to assign a new policy and select a new policy to assign to the group

    images/download/attachments/336325/image2019-5-15_10-10-54.png

5. Confirm your change with your PIN. Note that MetaAccess will re-assess device status for devices in the group with the new policy

This article applies to MetaAccess product.
This article was last updated on 2019-05-15.
TT